Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/BFsuju73p_IfTuzKMk-7j2upM6U.roa
File: BFsuju73p_IfTuzKMk-7j2upM6U.roa (raw, json)
Hash identifier: NMObEH49eiBEjgkYRi2sMCjgCjz2WvdzgCb1t201l78=
Subject key identifier: 04:5B:2E:8E:EE:F7:A7:F2:1F:4E:EC:CA:32:4F:BB:8F:6B:A9:33:A5
Certificate issuer: /CN=190ec7aab20fc4c801c67963e59e4f93600e401d
Certificate serial: 019C6BD90DCE62E9CD9086FEB94110210176
Authority key identifier: 19:0E:C7:AA:B2:0F:C4:C8:01:C6:79:63:E5:9E:4F:93:60:0E:40:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/BFsuju73p_IfTuzKMk-7j2upM6U.roa
Signing time: Tue 17 Feb 2026 13:45:12 +0000
ROA not before: Tue 17 Feb 2026 13:45:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20847
IP address blocks: 31.7.0.0/22 maxlen: 24
31.7.4.0/22 maxlen: 24
185.67.200.0/22 maxlen: 22
185.144.224.0/23 maxlen: 24
2a03:9700::/33 maxlen: 33
2a03:9700:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6b:d9:0d:ce:62:e9:cd:90:86:fe:b9:41:10:21:01:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=190ec7aab20fc4c801c67963e59e4f93600e401d
Validity
Not Before: Feb 17 13:45:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=045b2e8eeef7a7f21f4eecca324fbb8f6ba933a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:7b:f9:de:99:29:43:95:64:13:cc:ca:50:7d:
7f:c7:93:b5:77:9a:cb:43:4b:ab:ef:b8:da:f6:1f:
f8:d1:6b:f1:83:41:3a:16:d3:7f:0f:2f:2b:6a:3d:
81:2c:d6:4b:d7:4d:0c:2d:14:5c:6c:0a:e9:5a:9f:
43:66:b5:ad:8e:9c:2e:e8:1d:05:47:14:06:0f:99:
98:ec:37:93:e9:4f:45:25:4f:bb:97:25:8d:03:8f:
07:36:6e:2b:69:d9:d5:54:d7:e2:0f:1f:53:2c:67:
45:e0:be:b5:6a:0c:59:c2:e1:ca:97:04:fc:23:19:
d3:d7:d4:ca:72:c8:82:76:85:a9:96:bc:45:9a:6a:
9d:d3:f8:e8:07:d2:36:e6:39:27:99:77:44:85:48:
fe:69:74:5c:4d:86:bf:56:c5:08:aa:bb:40:15:0f:
4d:18:79:dc:8b:fb:b3:d0:25:79:66:9b:bd:5a:3c:
23:b0:37:f5:07:77:51:b8:d8:e4:77:91:df:60:10:
16:25:23:9e:9f:52:52:e3:c9:68:75:b0:19:a2:5d:
91:91:41:c7:3e:e0:6a:a4:85:ac:26:e6:81:a3:35:
60:1f:00:57:a0:48:49:70:27:6d:ad:a7:fd:bd:a2:
4c:e9:52:40:00:69:51:68:2f:2c:7d:cc:e1:ef:9e:
79:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5B:2E:8E:EE:F7:A7:F2:1F:4E:EC:CA:32:4F:BB:8F:6B:A9:33:A5
X509v3 Authority Key Identifier:
keyid:19:0E:C7:AA:B2:0F:C4:C8:01:C6:79:63:E5:9E:4F:93:60:0E:40:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/BFsuju73p_IfTuzKMk-7j2upM6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.0.0/21
185.67.200.0/22
185.144.224.0/23
IPv6:
2a03:9700::/32
Signature Algorithm: sha256WithRSAEncryption
24:bf:5e:ba:77:16:bf:ef:b2:cd:b2:54:84:04:a9:5b:f0:42:
b6:85:ca:45:a8:c3:81:37:41:a9:e3:b1:36:42:6b:dc:7f:f7:
2b:e4:b4:b0:ff:e4:b6:a1:98:7b:28:94:33:4d:4b:b0:6c:8e:
2c:21:4f:73:65:fd:3b:d2:72:6b:41:31:ed:f0:37:62:db:e7:
ba:b8:b0:b8:fa:1d:05:e5:20:90:1a:53:18:05:99:94:e6:02:
54:af:ce:bc:9e:71:9e:9c:f8:5d:d0:9d:5d:d8:ea:aa:6d:d6:
f9:bc:97:29:df:c8:65:76:22:da:97:8b:b5:23:e2:3d:b3:28:
e6:37:f9:fb:0b:66:25:4d:4c:75:8a:c5:ff:8a:bc:fa:34:d2:
fc:89:52:3b:2f:f9:69:7b:3d:b8:d0:3d:c9:6d:42:03:d0:5e:
df:65:7d:7c:57:03:f0:e8:6c:52:9e:4e:3f:26:bb:98:bd:18:
09:d2:55:52:a1:ec:63:80:bd:7b:15:fd:19:d5:b2:33:da:76:
65:d1:e7:56:bb:96:dc:c1:9f:56:2e:d9:6b:bf:ff:bd:8c:ec:
cd:2f:03:0c:61:44:7c:b4:ce:f0:bd:80:57:2c:52:39:7d:75:
4e:ed:c5:af:d7:35:07:9d:04:0d:13:12:67:2b:cb:58:5d:06:
a4:bd:dd:19
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZxr2Q3OYunNkIb+uUEQIQF2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MGVjN2FhYjIwZmM0YzgwMWM2Nzk2M2U1OWU0ZjkzNjAw
ZTQwMWQwHhcNMjYwMjE3MTM0NTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDViMmU4ZWVlZjdhN2YyMWY0ZWVjY2EzMjRmYmI4ZjZiYTkzM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Hv53pkpQ5VkE8zKUH1/x5O1d5rL
Q0ur77ja9h/40Wvxg0E6FtN/Dy8raj2BLNZL100MLRRcbArpWp9DZrWtjpwu6B0F
RxQGD5mY7DeT6U9FJU+7lyWNA48HNm4radnVVNfiDx9TLGdF4L61agxZwuHKlwT8
IxnT19TKcsiCdoWplrxFmmqd0/joB9I25jknmXdEhUj+aXRcTYa/VsUIqrtAFQ9N
GHnci/uz0CV5Zpu9WjwjsDf1B3dRuNjkd5HfYBAWJSOen1JS48lodbAZol2RkUHH
PuBqpIWsJuaBozVgHwBXoEhJcCdtraf9vaJM6VJAAGlRaC8sfczh7555bQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFARbLo7u96fyH07syjJPu49rqTOlMB8GA1UdIwQY
MBaAFBkOx6qyD8TIAcZ5Y+WeT5NgDkAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1E3SHFySVB4TWdCeG5sajVaNVBrMkFPUUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iYTNiNjktNjVlNS00OThlLWJhMDgt
ZGFiOWI0ODNjMTIzLzEvQkZzdWp1NzNwX0lmVHV6S01rLTdqMnVwTTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iYTNiNjktNjVlNS00OThlLWJhMDgtZGFiOWI0ODNjMTIz
LzEvR1E3SHFySVB4TWdCeG5sajVaNVBrMkFPUUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDHwcAAwQC
uUPIAwQBuZDgMA0EAgACMAcDBQAqA5cAMA0GCSqGSIb3DQEBCwUAA4IBAQAkv166
dxa/77LNslSEBKlb8EK2hcpFqMOBN0Gp47E2Qmvcf/cr5LSw/+S2oZh7KJQzTUuw
bI4sIU9zZf070nJrQTHt8Ddi2+e6uLC4+h0F5SCQGlMYBZmU5gJUr868nnGenPhd
0J1d2Oqqbdb5vJcp38hldiLal4u1I+I9syjmN/n7C2YlTUx1isX/irz6NNL8iVI7
L/lpez240D3JbUID0F7fZX18VwPw6GxSnk4/JruYvRgJ0lVSoexjgL17Ff0Z1bIz
2nZl0edWu5bcwZ9WLtlrv/+9jOzNLwMMYUR8tM7wvYBXLFI5fXVO7cWv1zUHnQQN
ExJnK8tYXQakvd0Z
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:51:35 2026 by rpki-client